package cn.stylefeng.guns.modular.separate.controller;


import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil;
import cn.stylefeng.guns.core.common.constant.Const;
import cn.stylefeng.guns.core.shiro.ShiroKit;
import cn.stylefeng.guns.modular.app.common.ApiStatus;
import cn.stylefeng.guns.modular.app.vo.LoginVo;
import cn.stylefeng.guns.modular.base.state.Constant;
import cn.stylefeng.guns.modular.base.state.F;
import cn.stylefeng.guns.modular.base.util.RedisUtil;
import cn.stylefeng.guns.modular.base.util.Result;
import cn.stylefeng.guns.modular.system.entity.Role;
import cn.stylefeng.guns.modular.system.entity.User;
import cn.stylefeng.guns.modular.system.service.RoleService;
import cn.stylefeng.guns.modular.system.service.UserService;
import cn.stylefeng.roses.kernel.model.exception.ServiceException;
import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

@RequestMapping("/web")
@RestController
public class WebLoginController {

    @Autowired
    private UserService userService;
    @Autowired
    private RoleService roleService;
    @Autowired
    private RedisUtil redisUtil;

    @PostMapping("/login")
    public Result login(LoginVo loginVo) {
        if (StrUtil.isEmpty(loginVo.getAccount())) {
            throw new ServiceException(400, "账号不能为空");
        }
        if (StrUtil.isEmpty(loginVo.getPassword())) {
            throw new ServiceException(400, "密码不能为空");
        }

        User user = userService.getByAccount(loginVo.getAccount());
        if (user == null) {
            return Result.fail(ApiStatus.NOT_FIND_USER);
        }
        String salt = user.getSalt();
        String checkPwd = ShiroKit.md5(loginVo.getPassword(), salt);
        if (!user.getPassword().equals(checkPwd)) {
            return Result.fail(ApiStatus.VERIFY);
        }

        // 是否为管理员 Const.ADMIN_NAME
        List<Role> roleList = roleService.list(new LambdaUpdateWrapper<Role>().eq(Role::getDescription, Const.ADMIN_NAME));
        // 遍历角色列表 如果跟用户的角色相同 则是管理员
        boolean isAdmin = false;
        for (Role role : roleList) {
            if (user.getRoleId().equals(Convert.toStr(role.getRoleId()))) {
                isAdmin = true;
                break;
            }
        }
        if (!isAdmin) {
            return Result.fail(400, "非管理员，禁止进入");
        }

        String token = Constant.TOKEN + "user-" + IdUtil.simpleUUID();
        redisUtil.set(token, user, Long.parseLong(F.me().cfg(Constant.TOKEN_EXPIRE)));
        redisUtil.set(Constant.SINGLE_ACCOUNT + user.getAccount(), token, Long.parseLong(F.me().cfg(Constant.TOKEN_EXPIRE)));


        return Result.success(token);
    }
}
